1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
1 |
INSTALLATION ON THE NETWARE PLATFORM |
2 |
------------------------------------
|
|
3 |
||
4 |
Notes about building OpenSSL for NetWare. |
|
5 |
||
6 |
||
7 |
BUILD PLATFORM: |
|
8 |
---------------
|
|
9 |
The build scripts (batch files, perl scripts, etc) have been developed and |
|
10 |
tested on W2K. The scripts should run fine on other Windows platforms |
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
11 |
(NT, Win9x, WinXP) but they have not been tested. They may require some |
12 |
modifications. |
|
13 |
||
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
14 |
|
15 |
Supported NetWare Platforms - NetWare 5.x, NetWare 6.x: |
|
16 |
-------------------------------------------------------
|
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
17 |
OpenSSL can either use the WinSock interfaces introduced in NetWare 5, |
18 |
or the BSD socket interface. Previous versions of NetWare, 4.x and 3.x, |
|
19 |
are only supported if OpenSSL is build for CLIB and BSD sockets; |
|
20 |
WinSock builds only support NetWare 5 and up. |
|
21 |
||
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
22 |
On NetWare there are two c-runtime libraries. There is the legacy CLIB |
23 |
interfaces and the newer LIBC interfaces. Being ANSI-C libraries, the |
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
24 |
functionality in CLIB and LIBC is similar but the LIBC interfaces are built |
25 |
using Novell Kernal Services (NKS) which is designed to leverage |
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
26 |
multi-processor environments. |
27 |
||
28 |
The NetWare port of OpenSSL can be configured to build using CLIB or LIBC. |
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
29 |
The CLIB build was developed and tested using NetWare 5.0 sp6.0a. The LIBC |
30 |
build was developed and tested using the NetWare 6.0 FCS. |
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
31 |
|
32 |
The necessary LIBC functionality ships with NetWare 6. However, earlier |
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
33 |
NetWare 5.x versions will require updates in order to run the OpenSSL LIBC |
34 |
build (NetWare 5.1 SP8 is known to work). |
|
35 |
||
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
36 |
As of June 2005, the LIBC build can be configured to use BSD sockets instead |
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
37 |
of WinSock sockets. Call Configure (usually through netware\build.bat) using |
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
38 |
a target of "netware-libc-bsdsock" instead of "netware-libc". |
39 |
||
40 |
As of June 2007, support for CLIB and BSD sockets is also now available |
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
41 |
using a target of "netware-clib-bsdsock" instead of "netware-clib"; |
42 |
also gcc builds are now supported on both Linux and Win32 (post 0.9.8e). |
|
43 |
||
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
44 |
REQUIRED TOOLS: |
45 |
---------------
|
|
46 |
Based upon the configuration and build options used, some or all of the |
|
47 |
following tools may be required: |
|
48 |
||
49 |
* Perl for Win32 - required (http://www.activestate.com/ActivePerl) |
|
50 |
Used to run the various perl scripts on the build platform. |
|
51 |
||
52 |
* Perl 5.8.0 for NetWare v3.20 (or later) - required |
|
53 |
(http://developer.novell.com) Used to run the test script on NetWare |
|
54 |
after building. |
|
55 |
||
56 |
* Compiler / Linker - required: |
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
57 |
Metrowerks CodeWarrior PDK 2.1 (or later) for NetWare (commercial): |
58 |
Provides command line tools used for building. |
|
59 |
Tools: |
|
60 |
mwccnlm.exe - C/C++ Compiler for NetWare |
|
61 |
mwldnlm.exe - Linker for NetWare |
|
62 |
mwasmnlm.exe - x86 assembler for NetWare (if using assembly option) |
|
63 |
||
64 |
gcc / nlmconv Cross-Compiler, available from Novell Forge (free): |
|
65 |
http://forge.novell.com/modules/xfmod/project/?aunixnw |
|
66 |
||
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
67 |
* Assemblers - optional: |
68 |
If you intend to build using the assembly options you will need an |
|
69 |
assembler. Work has been completed to support two assemblers, Metrowerks |
|
70 |
and NASM. However, during development, a bug was found in the Metrowerks |
|
71 |
assembler which generates incorrect code. Until this problem is fixed, |
|
72 |
the Metrowerks assembler cannot be used. |
|
73 |
||
74 |
mwasmnlm.exe - Metrowerks x86 assembler - part of CodeWarrior tools. |
|
75 |
(version 2.2 Built Aug 23, 1999 - not useable due to code |
|
76 |
generation bug) |
|
77 |
||
78 |
nasmw.exe - Netwide Assembler NASM |
|
79 |
version 0.98 was used in development and testing |
|
80 |
||
81 |
* Make Tool - required: |
|
82 |
In order to build you will need a make tool. Two make tools are |
|
83 |
supported, GNU make (gmake.exe) or Microsoft nmake.exe. |
|
84 |
||
85 |
make.exe - GNU make for Windows (version 3.75 used for development) |
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
86 |
http://gnuwin32.sourceforge.net/packages/make.htm |
87 |
||
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
88 |
nmake.exe - Microsoft make (Version 6.00.8168.0 used for development) |
89 |
http://support.microsoft.com/kb/132084/EN-US/ |
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
90 |
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
91 |
* Novell Developer Kit (NDK) - required: (http://developer.novell.com) |
92 |
||
93 |
CLIB - BUILDS: |
|
94 |
||
95 |
WinSock2 Developer Components for NetWare: |
|
96 |
For initial development, the October 27, 2000 version was used. |
|
97 |
However, future versions should also work. |
|
98 |
||
99 |
NOTE: The WinSock2 components include headers & import files for |
|
100 |
NetWare, but you will also need the winsock2.h and supporting |
|
101 |
headers (pshpack4.h, poppack.h, qos.h) delivered in the |
|
102 |
Microsoft SDK. Note: The winsock2.h support headers may change |
|
103 |
with various versions of winsock2.h. Check the dependencies |
|
104 |
section on the NDK WinSock2 download page for the latest |
|
105 |
information on dependencies. These components are unsupported by |
|
106 |
Novell. They are provided as a courtesy, but it is strongly |
|
107 |
suggested that all development be done using LIBC, not CLIB. |
|
108 |
||
109 |
As of June 2005, the WinSock2 components are available at: |
|
110 |
http://forgeftp.novell.com//ws2comp/ |
|
111 |
||
112 |
||
113 |
NLM and NetWare libraries for C (including CLIB and XPlat): |
|
114 |
If you are going to build a CLIB version of OpenSSL, you will |
|
115 |
need the CLIB headers and imports. The March, 2001 NDK release or |
|
116 |
later is recommended. |
|
117 |
||
118 |
Earlier versions should work but haven't been tested. In recent |
|
119 |
versions the import files have been consolidated and function
|
|
120 |
names moved. This means you may run into link problems
|
|
121 |
(undefined symbols) when using earlier versions. The functions
|
|
122 |
are available in earlier versions, but you will have to modifiy
|
|
123 |
the make files to include additional import files (see
|
|
124 |
openssl\util\pl\netware.pl).
|
|
125 |
||
126 |
||
127 |
LIBC - BUILDS:
|
|
128 |
|
|
129 |
Libraries for C (LIBC) - LIBC headers and import files
|
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
130 |
If you are going to build a LIBC version of OpenSSL, you will
|
131 |
need the LIBC headers and imports. The March 14, 2002 NDK release or
|
|
132 |
later is required.
|
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
133 |
|
134 |
NOTE: The LIBC SDK includes the necessary WinSock2 support.
|
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
135 |
It is not necessary to download the WinSock2 NDK when building for
|
136 |
LIBC. The LIBC SDK also includes the appropriate BSD socket support
|
|
137 |
if configuring to use BSD sockets.
|
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
138 |
|
139 |
||
140 |
BUILDING:
|
|
141 |
---------
|
|
142 |
Before building, you will need to set a few environment variables. You can
|
|
143 |
set them manually or you can modify the "netware\set_env.bat" file.
|
|
144 |
||
145 |
The set_env.bat file is a template you can use to set up the path
|
|
146 |
and environment variables you will need to build. Modify the
|
|
147 |
various lines to point to YOUR tools and run set_env.bat.
|
|
148 |
||
149 |
netware\set_env.bat <target> [compiler]
|
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
150 |
|
151 |
target - "netware-clib" - CLIB NetWare build
|
|
152 |
- "netware-libc" - LIBC NetWare build
|
|
153 |
||
154 |
compiler - "gnuc" - GNU GCC Compiler
|
|
155 |
- "codewarrior" - MetroWerks CodeWarrior (default)
|
|
156 |
||
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
157 |
If you don't use set_env.bat, you will need to set up the following |
158 |
environment variables: |
|
159 |
||
160 |
PATH - Set PATH to point to the tools you will use. |
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
161 |
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
162 |
INCLUDE - The location of the NDK include files. |
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
163 |
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
164 |
CLIB ex: set INCLUDE=c:\ndk\nwsdk\include\nlm |
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
165 |
LIBC ex: set INCLUDE=c:\ndk\libc\include |
166 |
||
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
167 |
PRELUDE - The absolute path of the prelude object to link with. For |
168 |
a CLIB build it is recommended you use the "clibpre.o" files shipped |
|
169 |
with the Metrowerks PDK for NetWare. For a LIBC build you should |
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
170 |
use the "libcpre.o" file delivered with the LIBC NDK components. |
171 |
||
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
172 |
CLIB ex: set PRELUDE=c:\ndk\nwsdk\imports\clibpre.o |
173 |
LIBC ex: set PRELUDE=c:\ndk\libc\imports\libcpre.o |
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
174 |
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
175 |
IMPORTS - The locaton of the NDK import files. |
176 |
||
177 |
CLIB ex: set IMPORTS=c:\ndk\nwsdk\imports |
|
178 |
LIBC ex: set IMPORTS=c:\ndk\libc\imports |
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
179 |
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
180 |
|
181 |
In order to build, you need to run the Perl scripts to configure the build |
|
182 |
process and generate a make file. There is a batch file, |
|
183 |
"netware\build.bat", to automate the process. |
|
184 |
||
185 |
Build.bat runs the build configuration scripts and generates a make file. |
|
186 |
If an assembly option is specified, it also runs the scripts to generate |
|
187 |
the assembly code. Always run build.bat from the "openssl" directory. |
|
188 |
||
189 |
netware\build [target] [debug opts] [assembly opts] [configure opts] |
|
190 |
||
191 |
target - "netware-clib" - CLIB NetWare build (WinSock Sockets) |
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
192 |
- "netware-clib-bsdsock" - CLIB NetWare build (BSD Sockets) |
193 |
- "netware-libc" - LIBC NetWare build (WinSock Sockets) |
|
194 |
- "netware-libc-bsdsock" - LIBC NetWare build (BSD Sockets) |
|
195 |
||
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
196 |
debug opts - "debug" - build debug |
197 |
||
198 |
assembly opts - "nw-mwasm" - use Metrowerks assembler |
|
199 |
"nw-nasm" - use NASM assembler |
|
200 |
"no-asm" - don't use assembly |
|
201 |
||
202 |
configure opts- all unrecognized arguments are passed to the
|
|
203 |
perl 'configure' script. See that script for |
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
204 |
internal documentation regarding options that
|
205 |
are available.
|
|
206 |
||
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
207 |
examples:
|
208 |
||
209 |
CLIB build, debug, without assembly:
|
|
210 |
netware\build.bat netware-clib debug no-asm
|
|
211 |
||
212 |
LIBC build, non-debug, using NASM assembly, add mdc2 support:
|
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
213 |
netware\build.bat netware-libc nw-nasm enable-mdc2
|
214 |
||
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
215 |
LIBC build, BSD sockets, non-debug, without assembly:
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
216 |
netware\build.bat netware-libc-bsdsock no-asm
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
217 |
|
218 |
Running build.bat generates a make file to be processed by your make
|
|
219 |
tool (gmake or nmake):
|
|
220 |
||
221 |
CLIB ex: gmake -f netware\nlm_clib_dbg.mak
|
|
222 |
LIBC ex: gmake -f netware\nlm_libc.mak
|
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
223 |
LIBC ex: gmake -f netware\nlm_libc_bsdsock.mak
|
224 |
||
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
225 |
|
226 |
You can also run the build scripts manually if you do not want to use the
|
|
227 |
build.bat file. Run the following scripts in the "\openssl"
|
|
228 |
subdirectory (in the order listed below):
|
|
229 |
||
230 |
perl configure no-asm [other config opts] [netware-clib|netware-libc|netware-libc-bsdsock]
|
|
231 |
configures no assembly build for specified netware environment
|
|
232 |
(CLIB or LIBC).
|
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
233 |
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
234 |
perl util\mkfiles.pl >MINFO
|
235 |
generates a listing of source files (used by mk1mf)
|
|
236 |
||
237 |
perl util\mk1mf.pl no-asm [other config opts] [netware-clib|netware-libc|netware-libc-bsdsock >netware\nlm.mak
|
|
238 |
generates the makefile for NetWare
|
|
239 |
||
240 |
gmake -f netware\nlm.mak
|
|
241 |
build with the make tool (nmake.exe also works)
|
|
242 |
||
243 |
NOTE: If you are building using the assembly option, you must also run the
|
|
244 |
various Perl scripts to generate the assembly files. See build.bat
|
|
245 |
for an example of running the various assembly scripts. You must use the
|
|
246 |
"no-asm" option to build without assembly. The configure and mk1mf scripts
|
|
247 |
also have various other options. See the scripts for more information.
|
|
248 |
||
249 |
||
250 |
The output from the build is placed in the following directories:
|
|
251 |
||
252 |
CLIB Debug build:
|
|
253 |
out_nw_clib.dbg - static libs & test nlm(s)
|
|
254 |
tmp_nw_clib.dbg - temporary build files
|
|
255 |
outinc_nw_clib - necessary include files
|
|
256 |
||
257 |
CLIB Non-debug build:
|
|
258 |
out_nw_clib - static libs & test nlm(s)
|
|
259 |
tmp_nw_clib - temporary build files
|
|
260 |
outinc_nw_clib - necesary include files
|
|
261 |
||
262 |
LIBC Debug build:
|
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
263 |
out_nw_libc.dbg - static libs & test nlm(s)
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
264 |
tmp_nw_libc.dbg - temporary build files
|
265 |
outinc_nw_libc - necessary include files
|
|
266 |
||
267 |
LIBC Non-debug build:
|
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
268 |
out_nw_libc - static libs & test nlm(s)
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
269 |
tmp_nw_libc - temporary build files
|
270 |
outinc_nw_libc - necesary include files
|
|
271 |
||
272 |
||
273 |
TESTING:
|
|
274 |
--------
|
|
275 |
The build process creates the OpenSSL static libs ( crypto.lib, ssl.lib,
|
|
276 |
rsaglue.lib ) and several test programs. You should copy the test programs
|
|
277 |
to your NetWare server and run the tests.
|
|
278 |
||
279 |
The batch file "netware\cpy_tests.bat" will copy all the necessary files
|
|
280 |
to your server for testing. In order to run the batch file, you need a
|
|
281 |
drive mapped to your target server. It will create an "OpenSSL" directory
|
|
282 |
on the drive and copy the test files to it. CAUTION: If a directory with the
|
|
283 |
name of "OpenSSL" already exists, it will be deleted.
|
|
284 |
||
285 |
To run cpy_tests.bat:
|
|
286 |
||
287 |
netware\cpy_tests [output directory] [NetWare drive]
|
|
288 |
||
289 |
output directory - "out_nw_clib.dbg", "out_nw_libc", etc.
|
|
290 |
NetWare drive - drive letter of mapped drive
|
|
291 |
||
292 |
CLIB ex: netware\cpy_tests out_nw_clib m:
|
|
293 |
LIBC ex: netware\cpy_tests out_nw_libc m:
|
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
294 |
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
295 |
|
296 |
The Perl script, "do_tests.pl", in the "OpenSSL" directory on the server
|
|
297 |
should be used to execute the tests. Before running the script, make sure
|
|
298 |
your SEARCH PATH includes the "OpenSSL" directory. For example, if you
|
|
299 |
copied the files to the "sys:" volume you use the command:
|
|
300 |
||
301 |
SEARCH ADD SYS:\OPENSSL
|
|
302 |
||
303 |
||
304 |
To run do_tests.pl type (at the console prompt):
|
|
305 |
||
306 |
perl \openssl\do_tests.pl [options]
|
|
307 |
||
308 |
options:
|
|
309 |
-p - pause after executing each test
|
|
310 |
||
311 |
The do_tests.pl script generates a log file "\openssl\test_out\tests.log"
|
|
312 |
which should be reviewed for errors. Any errors will be denoted by the word
|
|
313 |
"ERROR" in the log.
|
|
314 |
||
315 |
DEVELOPING WITH THE OPENSSL SDK:
|
|
316 |
--------------------------------
|
|
317 |
Now that everything is built and tested, you are ready to use the OpenSSL
|
|
318 |
libraries in your development.
|
|
319 |
||
320 |
There is no real installation procedure, just copy the static libs and
|
|
321 |
headers to your build location. The libs (crypto.lib & ssl.lib) are
|
|
322 |
located in the appropriate "out_nw_XXXX" directory
|
|
323 |
(out_nw_clib, out_nw_libc, etc).
|
|
324 |
||
325 |
The headers are located in the appropriate "outinc_nw_XXX" directory
|
|
326 |
(outinc_nw_clib, outinc_nw_libc).
|
|
327 |
||
328 |
One suggestion is to create the following directory
|
|
329 |
structure for the OpenSSL SDK:
|
|
330 |
||
331 |
\openssl
|
|
332 |
|- bin
|
|
333 |
| |- openssl.nlm
|
|
334 |
| |- (other tests you want)
|
|
335 |
|
|
|
336 |
|- lib
|
|
337 |
| | - crypto.lib
|
|
338 |
| | - ssl.lib
|
|
339 |
|
|
|
340 |
|- include
|
|
341 |
| | - openssl
|
|
342 |
| | | - (all the headers in "outinc_nw\openssl")
|
|
343 |
||
344 |
||
345 |
The program "openssl.nlm" can be very useful. It has dozens of
|
|
346 |
options and you may want to keep it handy for debugging, testing, etc.
|
|
347 |
||
348 |
When building your apps using OpenSSL, define "NETWARE". It is needed by
|
|
349 |
some of the OpenSSL headers. One way to do this is with a compile option,
|
|
350 |
for example "-DNETWARE".
|
|
351 |
||
352 |
||
353 |
||
354 |
NOTES:
|
|
355 |
------
|
|
356 |
||
357 |
Resource leaks in Tests
|
|
358 |
------------------------
|
|
359 |
Some OpenSSL tests do not clean up resources and NetWare reports
|
|
360 |
the resource leaks when the tests unload. If this really bugs you,
|
|
361 |
you can stop the messages by setting the developer option off at the console
|
|
362 |
prompt (set developer option = off). Or better yet, fix the tests to
|
|
363 |
clean up the resources!
|
|
364 |
||
365 |
||
366 |
Multi-threaded Development
|
|
367 |
---------------------------
|
|
368 |
The NetWare version of OpenSSL is thread-safe, however multi-threaded
|
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
369 |
applications must provide the necessary locking function callbacks. This
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
370 |
is described in doc\threads.doc. The file "openssl-x.x.x\crypto\threads\mttest.c"
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
371 |
is a multi-threaded test program and demonstrates the locking functions.
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
372 |
|
373 |
||
374 |
What is openssl2.nlm?
|
|
375 |
---------------------
|
|
376 |
The openssl program has numerous options and can be used for many different
|
|
377 |
things. Many of the options operate in an interactive mode requiring the
|
|
378 |
user to enter data. Because of this, a default screen is created for the
|
|
379 |
program. However, when running the test script it is not desirable to
|
|
380 |
have a seperate screen. Therefore, the build also creates openssl2.nlm.
|
|
381 |
Openssl2.nlm is functionally identical but uses the console screen.
|
|
382 |
Openssl2 can be used when a non-interactive mode is desired.
|
|
383 |
||
384 |
NOTE: There are may other possibilities (command line options, etc)
|
|
385 |
which could have been used to address the screen issue. The openssl2.nlm
|
|
386 |
option was chosen because it impacted only the build not the code.
|
|
387 |
||
388 |
||
389 |
Why only static libraries?
|
|
390 |
--------------------------
|
|
391 |
Globals, globals, and more globals. The OpenSSL code uses many global
|
|
392 |
variables that are allocated and initialized when used for the first time.
|
|
393 |
||
394 |
On NetWare, most applications (at least historically) run in the kernel.
|
|
395 |
When running in the kernel, there is one instance of global variables.
|
|
396 |
For regular application type NLM(s) this isn't a problem because they are |
|
397 |
the only ones using the globals. However, for a library NLM (an NLM which |
|
398 |
exposes functions and has no threads of execution), the globals cause |
|
399 |
problems. Applications could inadvertently step on each other if they |
|
400 |
change some globals. Even worse, the first application that triggers a |
|
401 |
global to be allocated and initialized has the allocated memory charged to |
|
402 |
itself. Now when that application unloads, NetWare will clean up all the |
|
403 |
applicaton's memory. The global pointer variables inside OpenSSL now |
|
404 |
point to freed memory. An abend waiting to happen!
|
|
405 |
||
406 |
To work correctly in the kernel, library NLM(s) that use globals need to
|
|
407 |
provide a set of globals (instance data) for each application. Another
|
|
408 |
option is to require the library only be loaded in a protected address
|
|
409 |
space along with the application using it.
|
|
410 |
||
411 |
Modifying the OpenSSL code to provide a set of globals (instance data) for
|
|
412 |
each application isn't technically difficult, but due to the large number |
|
413 |
globals it would require substantial code changes and it wasn't done. Hence, |
|
414 |
the build currently only builds static libraries which are then linked |
|
415 |
into each application. |
|
416 |
||
417 |
NOTE: If you are building a library NLM that uses the OpenSSL static |
|
418 |
libraries, you will still have to deal with the global variable issue. |
|
419 |
This is because when you link in the OpenSSL code you bring in all the |
|
420 |
globals. One possible solution for the global pointer variables is to |
|
421 |
register memory functions with OpenSSL which allocate memory and charge it |
|
422 |
to your library NLM (see the function CRYPTO_set_mem_functions). However, |
|
423 |
be aware that now all memory allocated by OpenSSL is charged to your NLM. |
|
424 |
||
425 |
||
426 |
CodeWarrior Tools and W2K |
|
427 |
---------------------------
|
|
428 |
There have been problems reported with the CodeWarrior Linker |
|
429 |
(mwldnlm.exe) in the PDK 2.1 for NetWare when running on Windows 2000. The |
|
430 |
problems cause the link step to fail. The only work around is to obtain an |
|
431 |
updated linker from Metrowerks. It is expected Metrowerks will release |
|
432 |
PDK 3.0 (in beta testing at this time - May, 2001) in the near future which |
|
433 |
will fix these problems. |
|
434 |
||
435 |
||
436 |
Makefile "vclean" |
|
437 |
------------------
|
|
438 |
The generated makefile has a "vclean" target which cleans up the build |
|
439 |
directories. If you have been building successfully and suddenly |
|
440 |
experience problems, use "vclean" (gmake -f netware\nlm_xxxx.mak vclean) and retry. |
|
1.1.7
by Kurt Roeckx
Import upstream version 0.9.8k |
441 |
|
1.1.2
by Kurt Roeckx
Import upstream version 0.9.8a |
442 |
|
443 |
"Undefined Symbol" Linker errors |
|
444 |
--------------------------------
|
|
445 |
There have been linker errors reported when doing a CLIB build. The problems |
|
446 |
occur because some versions of the CLIB SDK import files inadvertently |
|
447 |
left out some symbols. One symbol in particular is "_lrotl". The missing |
|
448 |
functions are actually delivered in the binaries, but they were left out of |
|
449 |
the import files. The issues should be fixed in the September 2001 release |
|
450 |
of the NDK. If you experience the problems you can temporarily |
|
451 |
work around it by manually adding the missing symbols to your version of |
|
452 |
"clib.imp". |
|
453 |
||
454 |